E. VLANs allow access to network services based on department, not physical location.*

F. VLANs can greatly simplify adding, moving, or changing hosts on the network.*

Under normal operations, Cisco recommends that you configure switch ports on which VLAN?

A. on the default vlan

B. on the management vlan

C. on the native vlan

D. on any vlan except the default vlan*

Show (Hide) Explanation/Reference

The default Ethernet VLAN is VLAN 1. It is a security best practice to configure all the ports on all switches to be associated with VLANs other than VLAN 1. All used ports are associated with VLANs distinct from VLAN 1.

All control/management traffic (like CDP, VTP, DTP…) is sent on VLAN 1 and we should separate management and user data traffic. Another reason is by default, the native VLAN is also VLAN 1 which is untagged on trunk links so it may cause a security hole.

The native VLAN must match on both sides of the trunk link for 802.1Q; otherwise the link will not work. If there is a native VLAN mismatch, Spanning Tree Protocol (STP) places the port in a port VLAN ID (PVID) inconsistent state and will not forward on the link -> STP can detect native VLAN mismatch.

Note: Cisco Discovery Protocol (CDP) version 2 passes native VLAN information between Cisco switches. If you have a native VLAN mismatch, you will see CDP error messages on the console output like this:

A. The switch must be in VTP server or transparent mode before you can configure a VLAN*

B. The switch must be in config-vlan mode before you configure an extended VLAN

C. Dynamic inter-VLAN routing is supported on VLAN2 through VLAN 4064

D. A switch in VTP transparent mode save the VLAN databases to the running configuration only

Which statement about vlan operation on Cisco Catalyst switches is true?

A. when a packet is received from an 802.1Q trunk, the vlan id can be determined from the source MAC address table.

B. unknown unicast frames are retransmitted only to the ports that belong to the same vlan.*

C. ports between switches should be configured in access mode so that vlans can span across the ports.

D. broadcast and multicast frames are retransmitted to ports that are configured on different vlan.

Show (Hide) Explanation/Reference

Answer A is not correct because when a packet is received from an 802.1Q trunk, it always carries VLAN ID information in the VLAN tag portion so the switch does not need to look up its source MAC address table to determine the VLAN ID of that packet.

Which two statements about data VLANs on access ports are true ? (Choose two)

A. They can be configured as trunk ports

B. Two or more VLANs can be configured on the interface

C. 802.1Q encapsulation must be configured on the interface

D. Exactly one VLAN can be configured on the interface.*

E. They can be configured as host ports.*

Which feature facilitates the tagging of frames on a specific VLAN?

A. Routing

B. Hairpinning

C. Switching

D. Encapsulation*

Assuming the default switch configuration which vlan range can be added modified and removed on a Cisco switch?